WHAT IS CLAIMED IS:

1. A cryptographic device for securing data on a computer network comprising:

a processor programmed to authenticate a plurality of users on the computer network for secure processing of a value bearing item, wherein the processor includes a state machine for determining a state corresponding to availability of one or more commands;

a memory for storing security device transaction data for ensuring authenticity of a user, wherein the security device transaction data is related to the one of the plurality of users;

a cryptographic engine for cryptographically protecting data; and

an interface for communicating with the computer network.



2. The cryptographic device of claim 1, wherein the state machine includes an uninitialized state.

3. The cryptographic device of claim 1, wherein the state machine includes an initialized state.

4. The cryptographic device of claim 1, wherein the state machine includes an operational state.

5. The cryptographic device of claim 1, wherein the state machine includes an administrative state.

6. The cryptographic device of claim 1, wherein the state machine includes an exporting shares state.

7. The cryptographic device of claim 1, wherein the state machine includes an importing shares state.

8. The cryptographic device of claim 1, wherein the state machine includes an error state.

9. The cryptographic device of claim 2, wherein the one or more commands corresponding to the uninitialized state includes a command for start initializing.



10. The cryptographic device of claim 3, wherein the one or more commands corresponding to the initialized state includes commands for one or more of get status command, initialize access control database command, logon command, logoff command, query current user role command, query current user ID command, session management commands, audit entry creation command, generate master key set command, and generate transport key pair commands.

11. The cryptographic device of claim 4, wherein the one or more commands corresponding to the operational state include commands for one or more of access control, session management, key management, and audit support.



12. The cryptographic device of claim 11, wherein the commands for access control include one or more of transition to administrative state command, logon command, logoff command, query current user role command, query current user ID command, view access control database command, change password command, set clock command, and set status command.

13. The cryptographic device of claim 11, wherein the commands for session management include one or more of open session command, close session command, compute session MAC command, verify session MAC command, session encrypt command, and session decrypt command.

14. The cryptographic device of claim 11, wherein the commands for key management include one or more of export transport public key command, start importing MKS command, create MKS shares command, generate MKS command, activate MKS command, delete dormant MKS command, global decrypt and MAC command, compute MAC command, verify MAC, and encryption and MAC translation commands.



15. The cryptographic device of claim 11, wherein the commands for audit support include one or more of create audit entry command, create audit key command, and export audit verification key command.



16. The cryptographic device of claim 5, wherein the one or more commands corresponding to the administrative state include commands for one or more of create account command, delete account command, modify account command, view access control database command, end admin command, logon command, logoff command, query current user role command, query current user ID command, set clock command, get status command, session management commands, and audit entry creation command.

17. The cryptographic device of claim 6, wherein the one or more commands corresponding to the exporting shares state include commands for one or more of logon command, logoff command, query current user role command, query current user ID command, export share command, abort export command, get status command, session management commands, and audit entry creation command.

18. The cryptographic device of claim 7, wherein the one or more commands corresponding to the importing shares state include commands for one or more of logon command, logoff command, query current user role command, query current user ID command, export transport public key command, import share command, combine shares command, set status command, session management commands, and audit entry creation command.

19. The cryptographic device of claim 8, wherein the one or more commands corresponding to the error state include commands for one or more of get status command, and access control queries command.
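The per-state command lists of claims 9 to 19, written out as a gating table with a check function and a small dispatcher that records refused commands. This is an added illustration, not code from the patent; the state and command names are the claims' own, while the expansion of "access control queries" and the treatment of "audit entry creation command" as the same command as claim 15's "create audit entry command" are assumptions, and state transitions (which the claims do not define) are not modelled.

```python
from enum import Enum


class State(Enum):
    UNINITIALIZED = "uninitialized"
    INITIALIZED = "initialized"
    OPERATIONAL = "operational"
    ADMINISTRATIVE = "administrative"
    EXPORTING_SHARES = "exporting shares"
    IMPORTING_SHARES = "importing shares"
    ERROR = "error"

# Claim 13: what "session management commands" expands to.
SESSION_MANAGEMENT = frozenset({
    "open session", "close session", "compute session MAC",
    "verify session MAC", "session encrypt", "session decrypt",
})

# Claims 10, 16, 17 and 18 all repeat this authentication/status set.
# Assumption: "audit entry creation command" is claim 15's "create audit entry".
COMMON = SESSION_MANAGEMENT | {
    "logon", "logoff", "query current user role",
    "query current user ID", "create audit entry",
}

# Assumption: claim 19's "access control queries" means the two query
# commands of claim 12.
ACCESS_CONTROL_QUERIES = frozenset({"query current user role", "query current user ID"})

ALLOWED = {
    State.UNINITIALIZED: frozenset({"start initializing"}),  # claim 9
    State.INITIALIZED: COMMON | {  # claim 10
        "get status", "initialize access control database",
        "generate master key set", "generate transport key pair",
    },
    State.OPERATIONAL: COMMON | {  # claims 11 to 15
        "transition to administrative state", "view access control database",
        "change password", "set clock", "set status",
        "export transport public key", "start importing MKS",
        "create MKS shares", "generate MKS", "activate MKS",
        "delete dormant MKS", "global decrypt and MAC", "compute MAC",
        "verify MAC", "encryption and MAC translation",
        "create audit key", "export audit verification key",
    },
    State.ADMINISTRATIVE: COMMON | {  # claim 16
        "create account", "delete account", "modify account",
        "view access control database", "end admin", "set clock", "get status",
    },
    State.EXPORTING_SHARES: COMMON | {  # claim 17
        "export share", "abort export", "get status",
    },
    State.IMPORTING_SHARES: COMMON | {  # claim 18
        "export transport public key", "import share", "combine shares",
        "set status",
    },
    State.ERROR: ACCESS_CONTROL_QUERIES | {"get status"},  # claim 19
}


def command_available(state: State, command: str) -> bool:
    """True when the claims list `command` for `state`."""
    return command in ALLOWED[state]


def states_for(command: str) -> set:
    """Every state in which `command` is available; handy for checking that
    key material operations are unreachable before initialisation or in error."""
    return {s for s, cmds in ALLOWED.items() if command in cmds}


class Device:
    """Dispatcher that refuses commands outside the current state and records
    the refusal, so repeated attempts at unavailable commands show up in the log."""

    def __init__(self, state: State = State.UNINITIALIZED):
        self.state = state
        self.log = []  # (state name, command, accepted)

    def dispatch(self, command: str) -> bool:
        ok = command_available(self.state, command)
        self.log.append((self.state.value, command, ok))
        return ok
```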

20. The cryptographic device of claim 1 further comprising computer executable code to keep track of a present operational state.

21. The cryptographic device of claim 1, wherein the processor is programmed to verify that the authenticated user is authorized to assume a role and perform a corresponding operation.

22. The cryptographic device of claim 1, wherein the cryptographic device includes a computer executable code for preventing unauthorized disclosure of data.

23. The cryptographic device of claim 1, wherein the cryptographic device includes a computer executable code for supporting multiple concurrent users and maintaining a separation of roles and operations performed by each user.

24. The cryptographic device of claim 1, wherein the value bearing item is a postage value including a postal indicium.

25. The cryptographic device of claim 24, wherein the postal indicium comprises a digital signature.

26. The cryptographic device of claim 24, wherein the postal indicium comprises a postage amount.

27. The cryptographic device of claim 24, wherein the postal indicium comprises an ascending register of used postage and descending register of available postage.
28. The cryptographic device of claim 1, wherein the value bearing item is a ticket.

29. The cryptographic device of claim 1, wherein the value bearing item includes a bar code.

30. The cryptographic device of claim 1, wherein the value bearing item is a coupon.

31. The cryptographic device of claim 1, wherein the value bearing item is currency.

32. The cryptographic device of claim 1, wherein the value bearing item is a voucher.

33. The cryptographic device of claim 1, wherein the value bearing item is a traveler's check.

34. The cryptographic device of claim 1, wherein each security device transaction data includes an ascending register value, a descending register value, a respective cryptographic device ID, an indicium key certificate serial number, a licensing ZIP code, a key token for an indicium signing key, user secrets, a key for encrypting user secrets, date and time of last transaction, last challenge received from a respective client subsystem, an operational state of the respective device, expiration dates for keys, and a passphrase repetition list.



35. The cryptographic device of claim 1, wherein each security device transaction data includes information to define the present operational state of the device.

36. The cryptographic device of claim 1, wherein the processor is capable of sharing a secret with a plurality of other cryptographic devices.

37. The cryptographic device of claim 1, wherein the processor and the cryptographic engine generate a master key set (MKS).

38. The cryptographic device of claim 37, wherein the MKS includes a Master Encryption Key (MEK) used to encrypt keys when stored outside the device.

39. The cryptographic device of claim 38, wherein the MKS further includes a Master Authentication Key (MAK) used to compute a DES MAC for signing keys when stored outside of the device.

40. The cryptographic device of claim 1, wherein the cryptographic engine is programmed to perform one or more of Rivest, Shamir and Adleman (RSA) public key encryption, DES, Triple-DES, DSA signature, SHA-1, and pseudo-random number generation algorithms.

41. The cryptographic device of claim 1, wherein at least one of the plurality of users is an enterprise account.




42. A method for securing data on a computer network including a plurality of users comprising the steps of:

authenticating the plurality of users for secure processing of a value bearing item;

storing security device transaction data in a memory for ensuring authenticity and authority of one of the plurality of users, wherein the security device transaction data is related to the one of the plurality of users; and

determining a state in a state machine for availability of one or more commands.

43. The method of claim 42 further comprising the step of printing the value bearing item.
44. The method of claim 42 further comprising the step of storing a plurality of security device transaction data in a database, wherein each transaction data is related to one of the plurality of users.

45. The method of claim 44 further comprising the step of loading a security device transaction data related to the cryptographic device when the user requests to operate on a value bearing item.

46. The method of claim 42 further comprising the steps of authenticating the identity of each user and verifying that the identified user is authorized to assume a role and to perform a corresponding operation.

47. The method of claim 42, wherein the step of determining a state comprises of determining an uninitialized state.

48. The method of claim 42, wherein the step of determining a state comprises of determining an initialized state.

49. The method of claim 42, wherein the step of determining a state comprises of determining an operational state.

50. The method of claim 42, wherein the step of determining

51. The method of claim 42, wherein the step of determining a state comprises of determining an exporting shares state.

52. The method of claim 42, wherein the step of determining a state comprises of determining an importing shares state.

53. The method of claim 42, wherein the step of determining a state comprises of determining an error state.
54. The method of claim 47, wherein the one or more commands corresponding to the uninitialized state includes a command for start initializing.

55. The method of claim 48, wherein the one or more commands corresponding to the initialized state includes commands for one or more of get status command, initialize access control database command, logon command, logoff command, query current user role command, query current user ID command, session management commands, audit entry creation command, generate master key set command, and generate transport key pair commands.
56. The method of claim 49, wherein the one or more commands corresponding to the operational state include commands for one or more of access control, session management, key management, and audit support.

57. The method of claim 56, wherein the commands for access control include one or more of transition to administrative state command, logon command, logoff command, query current user role command, query current user ID command, view access control database command, change password command, set clock command, and set status command.

58. The method of claim 56, wherein the commands for session management include one or more of open session command, close session command, compute session MAC command, verify session MAC command, session encrypt command, and session decrypt command.

59. The method of claim 56, wherein the commands for key management include one or more of export transport public key command, start importing MKS command, create MKS shares command, generate MKS command, activate MKS command, delete dormant MKS command, global decrypt and MAC command, compute MAC command, verify MAC, and encryption and MAC translation commands.

60. The method of claim 56, wherein the commands for audit support include one or more of create audit entry command, create audit key command, and export audit verification key command.
61. The method of claim 50, wherein the one or more commands corresponding to the administrative state include commands for one or more of create account command, delete account command, modify account command, view access control database command, end admin command, logon command, logoff command, query current user role command, query current user ID command, set clock command, get status command, session management commands, and audit entry creation command.

62. The method of claim 51, wherein the one or more commands corresponding to the exporting shares state include commands for one or more of logon command, logoff command, query current user role command, query current user ID command, export share command, abort export command, get status command, session management commands, and audit entry creation command.

63. The method of claim 52, wherein the one or more commands corresponding to the importing shares state include commands for one or more of logon command, logoff command, query current user role command, query current user ID command, export transport public key command, import share command, combine shares command, set status command, session management commands, and audit entry creation command.

64. The method of claim 53, wherein the one or more commands corresponding to the error state include commands for one or more of get status command, and access control queries command.
65. The method of claim 42, further comprising the step of printing a postage value including a postal indicium.

66. The method of claim 65, wherein the postal indicium includes a digital signature.

67. The method of claim 65, wherein the postal indicium includes a postage amount.

68. The method of claim 65, wherein the postal indicium comprises an ascending register of used postage and descending register of available postage.
69. The method of claim 42, further comprising the step of printing a ticket.

70. The method of claim 42, further comprising the step of printing a bar code.

71. The method of claim 42, further comprising the step of printing a coupon.

72. A security system for securing data in a computer network comprising:

a plurality of user terminals coupled to the computer network;

a cryptographic device remote from the plurality of user terminals and coupled to the computer network, wherein the cryptographic device includes a state machine for determining a state corresponding to one or more commands available to an authenticated user; and

a plurality of security device transaction data for ensuring authenticity of the one or more users, wherein each security device transaction data is related to a user.
73. The system of claim 72, wherein the security device transaction data related to a user is loaded into the cryptographic device when the user requests to operate on a value bearing item.

74. The system of claim 72, wherein the state machine includes an uninitialized state.

75. The system of claim 72, wherein the state machine includes an initialized state.

76. The system of claim 72, wherein the state machine includes an operational state.

77. The system of claim 72, wherein the state machine includes an administrative state.

78. The system of claim 72, wherein the state machine includes an exporting shares state.

79. The system of claim 72, wherein the state machine includes an importing shares state.

80. The system of claim 72, wherein the state machine includes an error state.
81. The system of claim 74, wherein the one or more commands corresponding to the uninitialized state includes a command for start initializing.

82. The system of claim 75, wherein the one or more commands corresponding to the initialized state includes commands for one or more of get status command, initialize access control database command, logon command, logoff command, query current user role command, query current user ID command, session management commands, audit entry creation command, generate master key set command, and generate transport key pair commands.

83. The system of claim 76, wherein the one or more commands corresponding to the operational state include commands for one or more of access control, session management, key management, and audit support.
84. The system of claim 83, wherein the commands for access control include one or more of transition to administrative state command, logon command, logoff command, query current user role command, query current user ID command, view access control database command, change password command, set clock command, and set status command.

85. The system of claim 83, wherein the commands for session management include one or more of open session command, close session command, compute session MAC command, verify session MAC command, session encrypt command, and session decrypt command.

86. The system of claim 83, wherein the commands for key management include one or more of export transport public key command, start importing MKS command, create MKS shares command, generate MKS command, activate MKS command, delete dormant MKS command, global decrypt and MAC command, compute MAC command, verify MAC, and encryption and MAC translation commands.

87. The system of claim 83, wherein the commands for audit support include one or more of create audit entry command, create audit key command, and export audit verification key command.



88. The system of claim 77, wherein the one or more commands corresponding to the administrative state include commands for one or more of create account command, delete account command, modify account command, view access control database command, end admin command, logon command, logoff command, query current user role command, query current user ID command, set clock command, get status command, session management commands, and audit entry creation command.

89. The system of claim 78, wherein the one or more commands corresponding to the exporting shares state include commands for one or more of logon command, logoff command, query current user role command, query current user ID command, export share command, abort export command, get status command, session management commands, and audit entry creation command.

90. The system of claim 79, wherein the one or more commands corresponding to the importing shares state include commands for one or more of logon command, logoff command, query current user role command, query current user ID command, export transport public key command, import share command, combine shares command, set status command, session management commands, and audit entry creation command.

91. The system of claim 80, wherein the one or more commands corresponding to the error state include commands for one or more of get status command, and access control queries command.



92. The system of claim 72 further comprising computer executable code to keep track of a present operational state.

93. The system of claim 72, wherein the processor is programmed to verify that the authenticated user is authorized to assume a role and perform a corresponding operation.

94. The system of claim 72, wherein the system includes a computer executable code for supporting multiple concurrent users and maintaining a separation of roles and operations performed by each user.

95. The system of claim 72, wherein the value bearing item is a postage value including a postal indicium.

96. The system of claim 95, wherein the postal indicium comprises a digital signature.

97. The system of claim 95, wherein the postal indicium comprises a postage amount.

98. The system of claim 95, wherein the postal indicium comprises an ascending register of used postage and descending register of available postage.

99. The system of claim 72, wherein the value bearing item is a ticket.

100. The system of claim 72, wherein the value bearing item includes a bar code.

101. The system of claim 72, wherein each security device transaction data includes information to define the present operational state of the device.

102. The system of claim 72, wherein the cryptographic engine is programmed to perform one or more of Rivest, Shamir and Adleman (RSA) public key encryption, DES, Triple-DES, DSA signature, SHA-1, and pseudo-random number generation algorithms.

103. The system of claim 72, wherein at least one of the users is an enterprise account.
104. A method for secure printing of value-bearing items over a computer network having a plurality of user terminals, the method comprising the steps of:

storing information about a plurality of users using the plurality of terminals in a database remote from the plurality of user terminals;

securing the information about the users in the database by one or more of cryptographic devices remote from the plurality of user terminals;

storing a plurality of security device transaction data in the database, wherein each transaction data is related to one of the plurality of users; and

determining a state in a state machine for availability of one or more commands.

105. The method of claim 104 further comprising the step of printing the value bearing item.

106. The method of claim 104 further comprising the step of loading a security device transaction data related to a user into one of the one or more of cryptographic devices when the user requests to operate on a value bearing item.

107. The method of claim 104 further comprising the step of loading a security device transaction data related to the cryptographic device when the user requests to operate on a value bearing item.

108. The method of claim 104 further comprising the steps of authenticating the identity of each user and verifying that the identified user is authorized to assume a role and to perform a corresponding operation.
109. The method of claim 104, wherein the step of determining a state comprises of determining an uninitialized state.

110. The method of claim 104, wherein the step of determining a state comprises of determining an initialized state.

111. The method of claim 104, wherein the step of determining a state comprises of determining an operational state.

112. The method of claim 104, wherein the step of determining a state comprises of determining an administrative state.

113. The method of claim 104, wherein the step of determining a state comprises of determining an exporting shares state.

114. The method of claim 104, wherein the step of determining a state comprises of determining an importing shares state.

115. The method of claim 104, wherein the step of determining a state comprises of determining an error state.

116. The method of claim 104, further comprising the step of printing a postage value including a postal indicium.

117. The method of claim 116, wherein the postal indicium includes a digital signature.

118. The method of claim 116, wherein the postal indicium includes a digital signature.

119. The method of claim 116, wherein the postal indicium includes a postage amount.

120. The method of claim 104, further comprising the step of printing a ticket.